| VID |
28120 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of QuickTime Player which is older than 7.0.3 is detected as installed on the host. Apple's QuickTime Player is a player that allow users to view local and remote multimedia content. QuickTime Player versions prior to 7.0.3 could allow a remote attacker to execute arbitrary code, caused by multiple buffer overflow vulnerabilities. By convincing a user to execute a specially crafted QuickTime file (.mov file or PICT file), an attacker could cause QuickTime to crash or potentially execute arbitrary code.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://docs.info.apple.com/article.html?artnum=302772
http://pb.specialised.info/all/adv/quicktime-mov-io1-adv.txt
http://pb.specialised.info/all/adv/quicktime-mov-io2-adv.txt
http://pb.specialised.info/all/adv/quicktime-mov-dos-adv.txt
http://pb.specialised.info/all/adv/quicktime-pict-adv.txt
http://secunia.com/advisories/17428/
http://www.kb.cert.org/vuls/id/855118
* Platforms Affected:
Apple Computer, Inc., QuickTime Player versions prior to 7.0.3 (for Windows)
Apple Computer, Inc., QuickTime Player version 6.5.2 and 7.0.1 (for Mac OS X)
Apple Computer, Inc., Mac OS 10.x
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of QuickTime Player (7.0.3 or later), available from the Apple Web site at http://www.apple.com/quicktime/ |
| Related URL |
CVE-2005-2753,CVE-2005-2754,CVE-2005-2755,CVE-2005-2756 (CVE) |
| Related URL |
15306,15307,15308,15309 (SecurityFocus) |
| Related URL |
22952,22954,22955,22956 (ISS) |
|
